diff --git a/CHANGELOG b/CHANGELOG index a3c8ce1b0..663a7d609 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -24,7 +24,7 @@ - comment of document version may not be modified when document has expired - attributes of document version may be edited if enableVersionModification is true even if the document has been released, obsoleted or has been expired -- review can be removed by admin +- reviews and approvals can be removed by admin -------------------------------------------------------------------------------- Changes in version 5.1.22 diff --git a/op/op.RemoveApprovalLog.php b/op/op.RemoveApprovalLog.php new file mode 100644 index 000000000..9aa103a2d --- /dev/null +++ b/op/op.RemoveApprovalLog.php @@ -0,0 +1,99 @@ + getMLText("invalid_request_token"))),getMLText("invalid_request_token")); +} + +if (!isset($_POST["documentid"]) || !is_numeric($_POST["documentid"]) || intval($_POST["documentid"])<1) { + UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id")); +} + +$documentid = $_POST["documentid"]; +$document = $dms->getDocument($documentid); + +if (!is_object($document)) { + UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id")); +} + +if (!$user->isAdmin() || $document->getAccessMode($user) < M_ALL) { + UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("access_denied")); +} + +if (!isset($_POST["version"]) || !is_numeric($_POST["version"]) || intval($_POST["version"])<1) { + UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version")); +} + +$version = $_POST["version"]; +$content = $document->getContentByVersion($version); + +if (!is_object($content)) { + UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version")); +} + +// operation is only allowed for the last document version +$latestContent = $document->getLatestContent(); +if ($latestContent->getVersion()!=$version) { + UI::exitError(getMLText("document_title", array("documentname" => $document->getName())),getMLText("invalid_version")); +} + +if (!isset($_POST["approveid"]) || !is_numeric($_POST["approveid"]) || intval($_POST["approveid"])<1) { + UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("invalid_approveid")); +} +$approveid = $_POST['approveid']; +$approves = $latestContent->getApprovalStatus(); +$approveStatus = null; +foreach($approves as $approve) { + if($approve['approveID'] == $approveid) { + $approveStatus = $approve; + break; + } +} +if(!$approveStatus) { + UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("invalid_approveid")); +} + +if($approveStatus['type'] == 0) { + $ruser = $dms->getUser($approveStatus['required']); + $msg = getMLText('ind_approval_removed', array('name'=>$ruser->getFullName())); +} elseif($approveStatus['type'] == 1) { + $rgroup = $dms->getGroup($approveStatus['required']); + $msg = getMLText('group_approval_removed', array('name'=>$rgroup->getName())); +} else + UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("invalid_approveid")); + +$comment = $_POST["comment"]; +if(0 == $latestContent->removeApproval($approveid, $user, $comment)) { + $latestContent->verifyStatus(true, $user, $msg); +} +header("Location:../out/out.ViewDocument.php?documentid=".$documentid."¤ttab=revapp"); diff --git a/out/out.RemoveApprovalLog.php b/out/out.RemoveApprovalLog.php new file mode 100644 index 000000000..d310c66de --- /dev/null +++ b/out/out.RemoveApprovalLog.php @@ -0,0 +1,88 @@ + getMLText("invalid_doc_id"))),getMLText("invalid_doc_id")); +} + +$document = $dms->getDocument(intval($_GET["documentid"])); + +if (!is_object($document)) { + UI::exitError(getMLText("document_title", array("documentname" => getMLText("invalid_doc_id"))),getMLText("invalid_doc_id")); +} + +$folder = $document->getFolder(); + +if (!$user->isAdmin() || $document->getAccessMode($user) < M_ALL) { + UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("access_denied")); +} + +if (!isset($_GET["version"]) || !is_numeric($_GET["version"]) || intval($_GET["version"])<1) { + UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("invalid_version")); +} +$version = $_GET["version"]; +$content = $document->getContentByVersion($version); +if (!is_object($content)) { + UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("invalid_version")); +} + +// operation is admitted only for last document version +$latestContent = $document->getLatestContent(); +if ($latestContent->getVersion()!=$version) { + UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("invalid_version")); +} + +if (!isset($_GET["approveid"]) || !is_numeric($_GET["approveid"]) || intval($_GET["approveid"])<1) { + UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("invalid_approveid")); +} +$approveid = $_GET['approveid']; + +/* Create object for checking access to certain operations */ +$accessop = new SeedDMS_AccessOperation($dms, $document, $user, $settings); + +$approvals = $content->getApprovalStatus(); +if(!$approvals) { + UI::exitError(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName()))),getMLText("no_action")); +} + +$tmp = explode('.', basename($_SERVER['SCRIPT_FILENAME'])); +$view = UI::factory($theme, $tmp[1], array('dms'=>$dms, 'user'=>$user)); +if($view) { + $view->setParam('folder', $folder); + $view->setParam('document', $document); + $view->setParam('version', $content); + $view->setParam('approveid', $approveid); + $view->setParam('accessobject', $accessop); + $view($_GET); + exit; +} diff --git a/views/bootstrap/class.RemoveApprovalLog.php b/views/bootstrap/class.RemoveApprovalLog.php new file mode 100644 index 000000000..67d6175a4 --- /dev/null +++ b/views/bootstrap/class.RemoveApprovalLog.php @@ -0,0 +1,126 @@ + + * @copyright Copyright (C) 2002-2005 Markus Westphal, + * 2006-2008 Malcolm Cowe, 2010 Matteo Lucarelli, + * 2010-2012 Uwe Steinmann + * @version Release: @package_version@ + */ + +/** + * Include parent class + */ +//require_once("class.Bootstrap.php"); + +/** + * Class which outputs the html page for RemoveApprovalLog view + * + * @category DMS + * @package SeedDMS + * @author Markus Westphal, Malcolm Cowe, Uwe Steinmann + * @copyright Copyright (C) 2002-2005 Markus Westphal, + * 2006-2008 Malcolm Cowe, 2010 Matteo Lucarelli, + * 2010-2012 Uwe Steinmann + * @version Release: @package_version@ + */ +class SeedDMS_View_RemoveApprovalLog extends SeedDMS_Theme_Style { + + function js() { /* {{{ */ + header('Content-Type: application/javascript; charset=UTF-8'); + parent::jsTranslations(array('js_form_error', 'js_form_errors')); +?> +$(document).ready(function() { + $("#form1").validate({ + rules: { + comment: { + required: true + }, + }, + messages: { + comment: "", + }, + }); +}); +printFileChooserJs(); + } /* }}} */ + + function show() { /* {{{ */ + $dms = $this->params['dms']; + $user = $this->params['user']; + $folder = $this->params['folder']; + $document = $this->params['document']; + $content = $this->params['version']; + $approveid = $this->params['approveid']; + + $approves = $content->getApprovalStatus(); + foreach($approves as $approve) { + if($approve['approveID'] == $approveid) { + $approveStatus = $approve; + break; + } + } + + $this->htmlAddHeader(''."\n", 'js'); + $this->htmlAddHeader(''."\n", 'js'); + + $this->htmlStartPage(getMLText("document_title", array("documentname" => htmlspecialchars($document->getName())))); + $this->globalNavigation($folder); + $this->contentStart(); + $this->pageNavigation($this->getFolderPathHTML($folder, true, $document), "view_document", $document); + $this->contentHeading(getMLText("remove_approval_log")); + $this->warningMsg(getMLText('warning_remove_approval_log')); + + // Display the Approval form. + if($approveStatus["status"]!=0) { + + print ""; + print ""; + print ""; + print ""; + print ""; + print ""; + print ""; + $indUser = $dms->getUser($approveStatus["userID"]); + print ""; + print "
".getMLText("status")."".getMLText("comment")."".getMLText("last_update")."
"; + printApprovalStatusText($approveStatus["status"]); + print "".htmlspecialchars($approveStatus["comment"])."".$approveStatus["date"]." - ". htmlspecialchars($indUser->getFullname()) ."

\n"; + } +?> +
+ +contentContainerStart(); + + $this->formField( + getMLText("comment"), + array( + 'element'=>'textarea', + 'name'=>'comment', + 'required'=>true, + 'rows'=>4, + 'cols'=>80 + ) + ); + $this->contentContainerEnd(); + + $this->formSubmit(' '.getMLText('remove_approval_log')); +?> + + + +
+contentEnd(); + $this->htmlEndPage(); + } /* }}} */ +} +?> + diff --git a/views/bootstrap/class.ViewDocument.php b/views/bootstrap/class.ViewDocument.php index 4ed5a9b16..70b389012 100644 --- a/views/bootstrap/class.ViewDocument.php +++ b/views/bootstrap/class.ViewDocument.php @@ -946,8 +946,8 @@ $(document).ready( function() { } } } - if($enableremoverevapp && $user->isAdmin() && ($r['status'] == 1 || $r['status'] == -1)) - echo '
    • '; + if($enableremoverevapp && $user->isAdmin() && ($r['status'] == 1 || $r['status'] == -1)) + echo '
    • '; print "\n"; print "\n"; @@ -1050,6 +1050,8 @@ $(document).ready( function() { } } } + if($enableremoverevapp && $user->isAdmin() && ($a['status'] == 1 || $a['status'] == -1)) + echo '
    • '; print ""; print "\n";